[License-discuss] 3-clause BSD with additional clause forbidding key disclosure

Cinly Ooi cinly.ooi at gmail.com
Fri Feb 6 13:35:58 UTC 2015


I will say the reason is restricting redistribution on the grounds that you
theoretically can give yourself power to deny someone a private key.

Plus the fact that you could, again theoretically, use the private key
license to impose additional restriction, including no distribution of the
BSD-ed code. Although in theory that is non-enforceable, in practice it is
other considerations, including business relationship with you, that will
mean your users will choose to exercise their rights not to distribute.
Although this in theory is not violation of Open Source, to a lot of people
(non zealots) it is in violation of the spirit of open source as you can
effectively choke distribution rights if your users decided not to
distribute because they don't want to lose the private key license.


Best Regards,
Cinly

*****
I do not read footer and will not be bounded by them. If they are legally
enforceable then this one always triumph yours.

On 5 February 2015 at 13:16, Zluty Sysel <zluty.sysel at gmail.com> wrote:

> Hi there,
>
> On Thu, Feb 5, 2015 at 12:27 PM, Simon Phipps <webmink at opensource.org>
> wrote:
> >
> >
> > On Wed, Feb 4, 2015 at 12:24 PM, Zluty Sysel <zluty.sysel at gmail.com>
> wrote:
> >>
> >>
> >> The issue however is that there is a certain reluctance not to include
> >> this in the source code license, since one of the .c files contains a
> >> very distinct placeholder (set to NULL) for the Private Key in it. The
> >> clause in the license would serve as a reminder that those Private
> >> Keys (which sometimes are shared across all employees of a single
> >> company) are not redistributable even when the source code contains
> >> one (albeit a NULL development one). Since Private Keys are
> >> distributed in a fashion that makes it difficult for them to be
> >> attached to a license, the company wants to include this in each
> >> source code file so that users do not inadvertently commit to public
> >> repos with the Private Key set.
> >
> >
> > Surely this is a matter to handle via a 1:1 contract with your
> customer?  I
> > have doubts that the additional restriction you are proposing is
> > OSD-compliant.
>
> Thanks for the reply.
> Yes, and they do have a contract with each customer that receives the
> Private Key, along with the source code that goes with it.
> Could you however elaborate on why the additional restriction would
> not be OSD-compliant? Do you think it could be reworded so that it
> does become compliant?
>
> Thanks,
>
> Zluty
> _______________________________________________
> License-discuss mailing list
> License-discuss at opensource.org
> http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20150206/7be0ff88/attachment.html>


More information about the License-discuss mailing list